مشكلتي غريبة عدم ظهور محرك الاقراص

G

^GHOST^

زيزوومى مبدع
إنضم
9 مايو 2008
المشاركات
1,396
مستوى التفاعل
31
النقاط
630
الإقامة
K-S-A
غير متصل
السلام عليكم ورحمة الله وبركاته

ياشباب محرك الاقراص مختفي من جهاز الكمبيوتر ولدي الريكفري تبع جهازي اللابتوب ونظامي فيستا

ويوجد بمحرك الاقراص في ادارة الاجهزة علامة تعجب وعملت تحديث اواعادة تعريفه ونفس المشكلة


وياليت تساعدوني
 

توقيع : ^GHOST^
ترتيب حسب التاريخ ترتيب حسب الأصوات

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


ياخوي يعطيك العافية لكن اللي عند نظام فيستا
 
توقيع : ^GHOST^
تأييد 0
خلنا نشوف التقارير اذا


عطل برامج الحمايه
حمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
--------------------------------------------
( 2 )
واعمل تقرير للهايجاك

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم​
 
تأييد 0
تقرير اداة ComboFix

ComboFix 08-09-14.01 - 09/14/2008 23:11:20.2 - NTFSx86.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Windows\system32\mdm.exe

.
((((((((((((((((((((((((( Files Created from 2008-08-14 to 2008-09-14 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-14 20:13 --------- d-----w C:\Users\Hussein\AppData\Roaming\DMCache
2008-09-14 19:52 --------- d-----w C:\ProgramData\Kaspersky Lab
2008-09-14 19:50 704,544 --sha-w C:\Windows\system32\drivers\fidbox2.dat
2008-09-14 19:50 3,584,032 --sha-w C:\Windows\system32\drivers\fidbox.dat
2008-09-14 19:50 3,376 --sha-w C:\Windows\system32\drivers\fidbox2.idx
2008-09-14 19:50 29,080 --sha-w C:\Windows\system32\drivers\fidbox.idx
2008-09-14 04:51 155,481 ----a-w C:\Users\Hussein\AppData\Roaming\nvModes.dat
2008-09-14 04:20 --------- d-----w C:\ProgramData\Microsoft Help
2008-09-14 04:20 --------- d-----w C:\Program Files\Windows Mail
2008-09-04 00:02 --------- d-----w C:\Users\Hussein\AppData\Roaming\Nero
2008-09-04 00:01 --------- d-----w C:\Program Files\Nero
2008-09-04 00:01 --------- d-----w C:\Program Files\Common Files\Nero
2008-09-03 23:31 --------- d-----w C:\Program Files\Common Files\Ahead
2008-09-03 23:00 532,480 ------w C:\Windows\System32\imagx5.dll
2008-09-03 23:00 507,904 ------w C:\Windows\System32\imagr5.dll
2008-09-03 23:00 44,227 ----a-w C:\Windows\system32\drivers\NeroCd2k.sys
2008-09-03 23:00 36,864 ----a-w C:\Windows\System32\MultiSZ.dll
2008-09-03 23:00 35,328 ------w C:\Windows\System32\picn20.dll
2008-09-03 23:00 275,312 ------w C:\Windows\System32\ImagXpr5.dll
2008-09-03 23:00 106,496 ------w C:\Windows\System32\TwnLib20.dll
2008-08-30 21:56 --------- d-----w C:\Program Files\Macrovision Corporation
2008-08-30 20:07 --------- d-----w C:\Program Files\Roxio
2008-08-30 20:06 --------- d-----w C:\Program Files\Common Files\Roxio Shared
2008-08-30 02:34 --------- d-----w C:\Program Files\McAfee
2008-08-27 20:31 --------- d-----w C:\Users\Hussein\AppData\Roaming\Paltalk
2008-08-26 04:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-26 04:46 --------- d-----w C:\Program Files\Sony
2008-08-24 20:33 --------- d-----w C:\Program Files\Common Files\Sony Shared
2008-08-24 20:31 --------- d-----w C:\Program Files\MessengerDiscovery
2008-08-21 20:34 --------- d-----w C:\ProgramData\Ipswitch
2008-08-21 20:34 --------- d-----w C:\Program Files\Ipswitch
2008-08-20 23:52 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-20 21:17 --------- d-----w C:\Users\Hussein\AppData\Roaming\Sunbelt
2008-08-20 21:17 --------- d-----w C:\ProgramData\Sunbelt
2008-08-20 21:16 --------- d-----w C:\Program Files\Sunbelt Software
2008-08-19 22:19 --------- d-----w C:\ProgramData\Messenger Plus!
2008-08-17 22:07 --------- d-----w C:\Program Files\Notebook Hardware Control
2008-08-17 20:29 --------- d-----w C:\ProgramData\Martau
2008-08-17 20:29 --------- d-----w C:\Program Files\Total Uninstall 4
2008-08-17 01:21 --------- d-----w C:\Program Files\VirusTotalUploader
2008-08-16 17:34 96,976 ----a-w C:\Windows\system32\drivers\klin.dat
2008-08-16 17:19 87,855 ----a-w C:\Windows\system32\drivers\klick.dat
2008-08-16 17:18 --------- d-----w C:\Program Files\Kaspersky Lab
2008-08-16 17:14 --------- d-----w C:\ProgramData\Kaspersky Lab Setup Files
2008-08-16 17:11 --------- d-----w C:\Program Files\ESET
2008-08-15 22:36 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-08-12 05:11 --------- d-----w C:\Users\Hussein\AppData\Roaming\ESET
2008-08-12 05:10 --------- d-----w C:\ProgramData\ESET
2008-08-12 04:55 --------- d-----w C:\ProgramData\Symantec
2008-08-12 04:55 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-08-08 23:29 --------- d-----w C:\Users\Hussein\AppData\Roaming\NSeries
2008-08-08 23:16 --------- d-----w C:\Users\Hussein\AppData\Roaming\Nokia Multimedia Player
2008-08-08 23:06 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-08-08 22:33 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-08-08 16:54 --------- d-----w C:\Users\Hussein\AppData\Roaming\IDM
2008-08-08 00:23 --------- d-----w C:\Program Files\Internet Download Manager
2008-08-06 19:25 --------- d-----w C:\Users\Hussein\AppData\Roaming\Symantec
2008-08-06 18:00 --------- d-----w C:\Program Files\Java
2008-08-06 05:19 --------- d-----w C:\ProgramData\Avira
2008-08-05 20:42 --------- d-----w C:\ProgramData\Roxio
2008-08-01 03:14 --------- d-----w C:\Program Files\DIFX
2008-08-01 03:09 --------- d-----w C:\Program Files\SweetIM
2008-08-01 02:21 --------- d-----w C:\Users\Hussein\AppData\Roaming\DivX
2008-07-31 16:49 --------- d-----w C:\ProgramData\SiteAdvisor
2008-07-31 16:46 2,560 ----a-w C:\Windows\_MSRSTRT.EXE
2008-07-31 03:34 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-07-31 03:34 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:34 28,160 ----a-w C:\Windows\System32\Apphlpdm.dll
2008-07-31 03:34 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:34 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-31 03:34 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-07-30 23:47 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-07-30 23:32 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-07-30 23:30 --------- d-----w C:\ProgramData\McAfee
2008-07-30 23:30 --------- d-----w C:\Program Files\Common Files\McAfee
2008-07-29 20:49 --------- d-----w C:\ProgramData\SweetIM
2008-07-29 17:21 218,376 ----a-w C:\Windows\System32\klogon.dll
2008-07-29 17:20 24,774 ----a-w C:\Windows\system32\drivers\klopp.dat
2008-07-26 17:42 --------- d-----w C:\Program Files\TechSmith
2008-07-25 18:48 --------- d-----w C:\ProgramData\TechSmith
2008-07-25 15:47 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-07-22 20:16 --------- d-----w C:\Program Files\NETGATE
2008-07-21 23:52 --------- d-----w C:\Users\Hussein\AppData\Roaming\Sony Corporation
2008-07-21 23:52 --------- d-----w C:\ProgramData\Sony Corporation
2008-07-21 15:34 121,872 ----a-w C:\Windows\system32\drivers\kl1.sys
2008-07-16 12:51 --------- d-----w C:\Program Files\Real_SC
2008-07-15 23:48 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-07-09 09:14 174 --sha-w C:\Program Files\desktop.ini
2008-06-27 03:54 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-06-27 03:54 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-06-27 03:54 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-06-27 03:54 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-06-26 00:34 7,964,672 ----a-w C:\Windows\System32\NlsLexicons0024.dll
2008-06-26 00:33 9,892,864 ----a-w C:\Windows\System32\NlsLexicons000a.dll
2008-06-19 03:25 61,440 ----a-w C:\Windows\System32\winipsec.dll
2008-06-19 03:25 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL
2008-06-19 03:25 28,672 ----a-w C:\Windows\System32\FwRemoteSvr.dll
2008-06-19 03:25 272,896 ----a-w C:\Windows\System32\polstore.dll
2008-06-12 22:04 691 ----a-w C:\Users\Hussein\AppData\Roaming\GetValue.vbs
2008-06-12 22:04 35 ----a-w C:\Users\Hussein\AppData\Roaming\SetValue.bat
.

((((((((((((((((((((((((((((( snapshot@Sun 09-14-2008_22.49.23.76 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-09-14 04:50:30 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-09-14 19:51:30 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-09-14 04:50:30 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-09-14 19:51:30 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-09-14 04:52:48 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-14 19:54:08 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-14 19:54:08 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-09-14 04:53:33 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-14 19:54:39 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-14 20:06:18 5,084 ----a-w C:\Windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\jalaan.com\jalaan.com\Data.dat
- 2008-09-14 04:52:58 17,518 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1019644318-797602448-638544047-1003_UserData.bin
+ 2008-09-14 19:54:10 17,518 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1019644318-797602448-638544047-1003_UserData.bin
- 2008-09-14 04:52:57 94,864 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-09-14 19:54:10 94,864 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-09-14 04:52:55 80,314 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-09-14 20:01:48 80,314 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
@="{E4000AC4-5E5F-4956-807A-C5854405D64F}"
[HKEY_CLASSES_ROOT\CLSID\{E4000AC4-5E5F-4956-807A-C5854405D64F}]
12/16/2007 02:07 AM 73728 --------- C:\Users\Hussein\AppData\Local\Sony Corporation\VirtualExpander\VEShellExt.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [08/12/2005 03:30 PM 249856]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [11/02/2006 03:35 PM 125440]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [07/28/2007 03:38 PM 1360304]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [10/18/2007 11:34 AM 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [01/12/2007 08:52 AM 118784]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [01/23/2007 06:39 AM 321656]
"E-Flyer"="C:\Program Files\Sony\E-Flyer\SubFlyer.exe" [10/17/2006 01:06 AM 456824]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [08/24/2007 07:00 AM 33648]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [11/07/2007 02:35 AM 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [11/07/2007 02:35 AM 8534560]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [11/07/2007 02:35 AM 81920]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM 39792]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [03/24/2008 10:13 PM 185896]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27 AM 144784]
"MSConfig"="C:\Windows\system32\msconfig.exe" [11/02/2006 12:45 PM 222208]
"FortKnoxPersonalFirewall"="C:\Program Files\NETGATE\FortKnox Personal Firewall 2008\FortKnoxGUI.exe" [BU]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [07/29/2008 08:20 PM 206088]
"NeroCheck"="C:\Windows\system32\NeroCheck.exe" [07/09/2001 11:50 AM 155648]
"NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe" [07/09/2001 11:50 AM 155648]

C:\Users\Hussein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
VirtualExpander.lnk - C:\Users\Hussein\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe [2007-12-16 474808]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-17 113664]
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-02-03 2756608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DfLogon]
LogonDll.dll [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
02/14/2007 01:19 AM 98304 C:\Windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll
"VIDC.ACDV"= ACDV.dll
"VIDC.YV12"= yv12vfw.dll
"msacm.ac3filter"= ac3filter.acm

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
backup=C:\Windows\pss\PalTalk.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Hussein^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Audio Filter.lnk]
path=C:\Users\Hussein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk
backup=C:\Windows\pss\Audio Filter.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{473E164F-4F50-4B68-8F1F-F63316300F87}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{6E385DAD-2460-4130-AE6A-6D66BEE4B051}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{CF503ACA-CAA9-4F61-83D8-194EAF86DE52}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{8FBDBB95-4290-4E9D-9ECC-E4083E40C931}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{31113270-7145-4E1D-B34E-B05EBCECB6D6}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{60668A1F-7D54-4766-A4F6-8C581B3D9B0B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{F46D6CC2-7A7E-41A4-9ED2-37D99923577E}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{AD029696-274D-4E34-928B-FFEDDC776BF5}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{0BA24197-5875-4C13-A534-944A5D076920}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{B360A40C-BF70-425B-8598-C9B7D51A1847}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{09C7ACA7-6EA0-4380-B28F-43DF41BD7A40}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{4807CB48-9C38-4697-A695-498C5A2BC17E}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{4A41B5E5-4A44-4D16-AC04-9B00C5213906}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{5C1CB8D9-557C-4C8E-87B1-EC5693BEE8E5}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{81D51A66-9FB4-45CC-BAC7-5EBCF6637343}"= UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{99E16F49-7D95-45CE-BD3E-A5C81DDEA47F}"= TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"TCP Query User{515262E9-DC02-4C26-AA4A-68106175AFC7}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\english\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"UDP Query User{7C9A67CB-5C43-4AAE-97A4-A37F9EE4C8B9}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\english\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"TCP Query User{B1C30AA6-5485-45A7-BC27-335654856074}C:\\users\\hussein\\appdata\\local\\temp\\rarsfx0\\hiw\\stinstall.exe"= UDP:C:\users\hussein\appdata\local\temp\rarsfx0\hiw\stinstall.exe:stinstall.exe
"UDP Query User{17573C4D-100B-4639-B948-3E8312EEC17E}C:\\users\\hussein\\appdata\\local\\temp\\rarsfx0\\hiw\\stinstall.exe"= TCP:C:\users\hussein\appdata\local\temp\rarsfx0\hiw\stinstall.exe:stinstall.exe
"TCP Query User{D0FCAF5C-E4BC-48BF-929F-BE58DEE2876A}C:\\program files\\paltalk messenger\\paltalk.exe"= UDP:C:\program files\paltalk messenger\paltalk.exe:PaltalkScene
"UDP Query User{49375F85-DCB0-445B-94CC-2186A0F69A51}C:\\program files\\paltalk messenger\\paltalk.exe"= TCP:C:\program files\paltalk messenger\paltalk.exe:PaltalkScene
"{5B0286BE-93B9-461C-87DB-0C1CD67C29C9}"= Disabled:UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{58992D61-5F8B-44DB-9968-7666EB85357B}"= Disabled:TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"TCP Query User{90269F03-2A82-426A-8364-0E998BAD78D5}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
"UDP Query User{31A51FC2-EBC5-4A19-82FF-F202F455D983}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
"TCP Query User{1D24F816-7B38-4995-A96F-606DF548BED3}C:\\program files\\paltalk messenger\\paltalk.exe"= Disabled:UDP:C:\program files\paltalk messenger\paltalk.exe:PaltalkScene
"UDP Query User{CEBA3E22-3135-4252-807A-F5BE4E8FF204}C:\\program files\\paltalk messenger\\paltalk.exe"= Disabled:TCP:C:\program files\paltalk messenger\paltalk.exe:PaltalkScene
"{68B1B21B-3CEC-4F5D-A6CB-73270E94CA8E}"= UDP:C:\Program Files\DNA\btdna.exe:DNA
"{32C85375-F8CF-4CE7-BEC0-96ADA2BD4E57}"= TCP:C:\Program Files\DNA\btdna.exe:DNA
"{13B4C2FD-B066-4EC1-9406-F00EFCD04F8C}"= Disabled:UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{73683311-F4D4-46A1-B92E-7AEB1FEFC547}"= Disabled:TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{1FB5B521-4677-420F-83AA-74C856A0F46D}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{7F5E15C7-825D-484C-A6D6-207562464838}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{DA3C25AF-DC76-4CDD-99D7-C87976D3260E}C:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:C:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{CB3877A7-0931-4516-9085-2FEB8204AB55}C:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:C:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"TCP Query User{51A048A3-3261-44E4-909B-43620387C3FC}F:\\sthiw\\stinstall.exe"= UDP:F:\sthiw\stinstall.exe:SpeedTouch Setup Wizard
"UDP Query User{B4C21AEC-A5FD-4BA1-B1CB-9528FE004C27}F:\\sthiw\\stinstall.exe"= TCP:F:\sthiw\stinstall.exe:SpeedTouch Setup Wizard

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [01/29/2008 06:29 PM 32784]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [07/09/2008 06:28 PM 20496]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [08/18/2008 10:30 AM 211232]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [02/26/2008 10:08 PM 29183504]
R2 regi;regi;C:\Windows\system32\drivers\regi.sys [04/18/2007 06:09 AM 11032]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\Windows\system32\DRIVERS\klfltdev.sys [03/13/2008 07:02 PM 26640]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [03/15/2007 10:19 PM 74240]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [03/15/2007 10:19 PM 43904]
R3 SonyImgF;Sony Image Conversion Filter Driver;C:\Windows\system32\DRIVERS\SonyImgF.sys [04/05/2007 04:03 AM 31104]
R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [02/08/2007 06:53 AM 807424]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [02/08/2007 06:10 AM 195584]
S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe [01/26/2007 09:41 PM 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe [01/26/2007 09:41 PM 67760]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 3\IcVzMon.exe [01/26/2007 09:41 PM 43184]
S3 TridVid;Trident Analog Video;C:\Windows\system32\DRIVERS\TridVid.sys [06/18/2007 06:52 AM 201216]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [12/25/2007 05:30 AM 306432]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [01/11/2007 02:51 AM 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Collection (HTTP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [01/09/2007 03:06 AM 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [01/17/2007 12:05 AM 1089536]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - G:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\shell\AutoRun\command - H:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f76850d-d284-11dc-9f2f-0013a9c2467b}]
\shell\Autoplay\Command - smss.exe
\shell\AutoRun\command - smss.exe
\shell\Explore\Command - smss.exe
\shell\Open\Command - smss.exe
.
s of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Hussein\AppData\Roaming\Mozilla\Firefox\Profiles\rtupqdbe.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1654009&SearchSource=3&q=
FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


Rootkit scan 2008-09-14 23:13:59
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\Windows\Explorer.exe
-> C:\Program Files\McAfee\SiteAdvisor\saHook.dll
.
Completion time: 09/14/2008 23:15:19
ComboFix-quarantined-files.txt 2008-09-14 20:14:56

Pre-Run: The system cannot find message text for message number 0x2379 in the message file for Application.
Post-Run: 65,564,749,824 bytes free

310 --- E O F --- 2008-09-12 19:48:51


 
توقيع : ^GHOST^
تأييد 0
تقرير للهايجاك

Logfile of HijackThis v1.99.1
Scan saved at 11:17:09 م, on 14/09/08
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Users\Hussein\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\Explorer.exe
C:\Users\Hussein\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [E-Flyer] "C:\Program Files\Sony\E-Flyer\SubFlyer.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [FortKnoxPersonalFirewall] "C:\Program Files\NETGATE\FortKnox Personal Firewall 2008\FortKnoxGUI.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: VirtualExpander.lnk = Hussein\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Transfer by Image Converter 3 - C:\Program Files\Sony\Image Converter 3\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: DfLogon - LogonDll.dll (file missing)
O20 - Winlogon Notify: klogon - C:\Windows\system32\klogon.dll
O20 - Winlogon Notify: VESWinlogon - C:\Windows\SYSTEM32\VESWinlogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (file missing)
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMon.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: SQL Server (VAIO_VEDB) (MSSQL$VAIO_VEDB) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sVAIO_VEDB (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP (file missing)
O23 - Service: VAIO Media Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe


 
توقيع : ^GHOST^
تأييد 0
توقيع : ^GHOST^
تأييد 0
حدد التالى​

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll​

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll​

O4 - HKLM\..\Run: [E-Flyer] "C:\Program Files\Sony\E-Flyer\SubFlyer.exe"​

O13 - Gopher Prefix:​

O20 - Winlogon Notify: DfLogon - LogonDll.dll (file missing)​

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe​

O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe​

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe​

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment​

O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway​

O23 - Service: VAIO Media Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe​

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe​

طريقة الحذف​

mg%20%283%29.png

mg%20%284%29.png



ونزل الاداة هذى​

لتنضيف الجهاز​

رابط على سيرفر المنتدى​

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


رابط اخر Zshare

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


300 كيلوبايت


وتقرير ثانى بعد الرى ستارت​

بنتظار النتائج​
 
تأييد 0
استخدمها بعد حذف القيم

هذه اداة بسيطه للمساعده في تنظيف الجهاز بشكل صحيح ومريح وامن و تلقائي

:d:

وسيتم الاعتماد على اداة الويندوز

Disk Cleanup Tool

1213108286_User20.gif



يتم مسح مخلفات الجهاز التاليه بالاضافة الى مجلد الـ prefetch


يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي




شرح الاستخدام

1213108286_User20.gif



دبل كلك على الاداة تظهر لك الشاشة التالية

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي




قم باختيار مايناسبك وتريد مسحه ثم اضغط OK

^
^^
^^^
بالنسبة لي انا احددها كلها
:q:
 
تأييد 0
تقرير ComboFix


((((((((((((((((((((((((( Files Created from 2008-08-14 to 2008-09-14 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-14 21:01 --------- d-----w C:\Users\Hussein\AppData\Roaming\DMCache
2008-09-14 20:55 155,481 ----a-w C:\Users\Hussein\AppData\Roaming\nvModes.dat
2008-09-14 20:55 --------- d-----w C:\ProgramData\Kaspersky Lab
2008-09-14 20:53 712,736 --sha-w C:\Windows\system32\drivers\fidbox2.dat
2008-09-14 20:53 3,584,032 --sha-w C:\Windows\system32\drivers\fidbox.dat
2008-09-14 20:53 3,516 --sha-w C:\Windows\system32\drivers\fidbox2.idx
2008-09-14 20:53 29,080 --sha-w C:\Windows\system32\drivers\fidbox.idx
2008-09-14 04:20 --------- d-----w C:\ProgramData\Microsoft Help
2008-09-14 04:20 --------- d-----w C:\Program Files\Windows Mail
2008-09-04 00:02 --------- d-----w C:\Users\Hussein\AppData\Roaming\Nero
2008-09-04 00:01 --------- d-----w C:\Program Files\Nero
2008-09-04 00:01 --------- d-----w C:\Program Files\Common Files\Nero
2008-09-03 23:31 --------- d-----w C:\Program Files\Common Files\Ahead
2008-09-03 23:00 532,480 ------w C:\Windows\System32\imagx5.dll
2008-09-03 23:00 507,904 ------w C:\Windows\System32\imagr5.dll
2008-09-03 23:00 44,227 ----a-w C:\Windows\system32\drivers\NeroCd2k.sys
2008-09-03 23:00 36,864 ----a-w C:\Windows\System32\MultiSZ.dll
2008-09-03 23:00 35,328 ------w C:\Windows\System32\picn20.dll
2008-09-03 23:00 275,312 ------w C:\Windows\System32\ImagXpr5.dll
2008-09-03 23:00 106,496 ------w C:\Windows\System32\TwnLib20.dll
2008-08-30 21:56 --------- d-----w C:\Program Files\Macrovision Corporation
2008-08-30 20:07 --------- d-----w C:\Program Files\Roxio
2008-08-30 20:06 --------- d-----w C:\Program Files\Common Files\Roxio Shared
2008-08-30 02:34 --------- d-----w C:\Program Files\McAfee
2008-08-27 20:31 --------- d-----w C:\Users\Hussein\AppData\Roaming\Paltalk
2008-08-26 04:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-26 04:46 --------- d-----w C:\Program Files\Sony
2008-08-24 20:33 --------- d-----w C:\Program Files\Common Files\Sony Shared
2008-08-24 20:31 --------- d-----w C:\Program Files\MessengerDiscovery
2008-08-21 20:34 --------- d-----w C:\ProgramData\Ipswitch
2008-08-21 20:34 --------- d-----w C:\Program Files\Ipswitch
2008-08-20 23:52 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-20 21:17 --------- d-----w C:\Users\Hussein\AppData\Roaming\Sunbelt
2008-08-20 21:17 --------- d-----w C:\ProgramData\Sunbelt
2008-08-20 21:16 --------- d-----w C:\Program Files\Sunbelt Software
2008-08-19 22:19 --------- d-----w C:\ProgramData\Messenger Plus!
2008-08-17 22:07 --------- d-----w C:\Program Files\Notebook Hardware Control
2008-08-17 20:29 --------- d-----w C:\ProgramData\Martau
2008-08-17 20:29 --------- d-----w C:\Program Files\Total Uninstall 4
2008-08-17 01:21 --------- d-----w C:\Program Files\VirusTotalUploader
2008-08-16 17:34 96,976 ----a-w C:\Windows\system32\drivers\klin.dat
2008-08-16 17:19 87,855 ----a-w C:\Windows\system32\drivers\klick.dat
2008-08-16 17:18 --------- d-----w C:\Program Files\Kaspersky Lab
2008-08-16 17:14 --------- d-----w C:\ProgramData\Kaspersky Lab Setup Files
2008-08-16 17:11 --------- d-----w C:\Program Files\ESET
2008-08-15 22:36 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-08-12 05:11 --------- d-----w C:\Users\Hussein\AppData\Roaming\ESET
2008-08-12 05:10 --------- d-----w C:\ProgramData\ESET
2008-08-12 04:55 --------- d-----w C:\ProgramData\Symantec
2008-08-12 04:55 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-08-08 23:29 --------- d-----w C:\Users\Hussein\AppData\Roaming\NSeries
2008-08-08 23:16 --------- d-----w C:\Users\Hussein\AppData\Roaming\Nokia Multimedia Player
2008-08-08 23:06 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-08-08 22:33 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-08-08 16:54 --------- d-----w C:\Users\Hussein\AppData\Roaming\IDM
2008-08-08 00:23 --------- d-----w C:\Program Files\Internet Download Manager
2008-08-06 19:25 --------- d-----w C:\Users\Hussein\AppData\Roaming\Symantec
2008-08-06 18:00 --------- d-----w C:\Program Files\Java
2008-08-06 05:19 --------- d-----w C:\ProgramData\Avira
2008-08-05 20:42 --------- d-----w C:\ProgramData\Roxio
2008-08-01 03:14 --------- d-----w C:\Program Files\DIFX
2008-08-01 03:09 --------- d-----w C:\Program Files\SweetIM
2008-08-01 02:21 --------- d-----w C:\Users\Hussein\AppData\Roaming\DivX
2008-07-31 16:49 --------- d-----w C:\ProgramData\SiteAdvisor
2008-07-31 16:46 2,560 ----a-w C:\Windows\_MSRSTRT.EXE
2008-07-31 03:34 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-07-31 03:34 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:34 28,160 ----a-w C:\Windows\System32\Apphlpdm.dll
2008-07-31 03:34 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:34 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-31 03:34 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-07-30 23:47 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-07-30 23:32 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-07-30 23:30 --------- d-----w C:\ProgramData\McAfee
2008-07-30 23:30 --------- d-----w C:\Program Files\Common Files\McAfee
2008-07-29 20:49 --------- d-----w C:\ProgramData\SweetIM
2008-07-29 17:21 218,376 ----a-w C:\Windows\System32\klogon.dll
2008-07-29 17:20 24,774 ----a-w C:\Windows\system32\drivers\klopp.dat
2008-07-26 17:42 --------- d-----w C:\Program Files\TechSmith
2008-07-25 18:48 --------- d-----w C:\ProgramData\TechSmith
2008-07-25 15:47 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-07-22 20:16 --------- d-----w C:\Program Files\NETGATE
2008-07-21 23:52 --------- d-----w C:\Users\Hussein\AppData\Roaming\Sony Corporation
2008-07-21 23:52 --------- d-----w C:\ProgramData\Sony Corporation
2008-07-21 15:34 121,872 ----a-w C:\Windows\system32\drivers\kl1.sys
2008-07-16 12:51 --------- d-----w C:\Program Files\Real_SC
2008-07-15 23:48 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-07-09 09:14 174 --sha-w C:\Program Files\desktop.ini
2008-06-27 03:54 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-06-27 03:54 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-06-27 03:54 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-06-27 03:54 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-06-26 00:34 7,964,672 ----a-w C:\Windows\System32\NlsLexicons0024.dll
2008-06-26 00:33 9,892,864 ----a-w C:\Windows\System32\NlsLexicons000a.dll
2008-06-19 03:25 61,440 ----a-w C:\Windows\System32\winipsec.dll
2008-06-19 03:25 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL
2008-06-19 03:25 28,672 ----a-w C:\Windows\System32\FwRemoteSvr.dll
2008-06-19 03:25 272,896 ----a-w C:\Windows\System32\polstore.dll
2008-06-12 22:04 691 ----a-w C:\Users\Hussein\AppData\Roaming\GetValue.vbs
2008-06-12 22:04 35 ----a-w C:\Users\Hussein\AppData\Roaming\SetValue.bat
.

((((((((((((((((((((((((((((( snapshot@Sun 09-14-2008_22.49.23.76 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-09-14 04:50:30 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-09-14 20:54:16 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-09-14 04:50:30 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-09-14 20:54:16 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-09-14 04:52:48 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-14 20:56:30 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-14 20:56:30 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-09-14 04:53:33 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-14 20:57:31 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-14 20:06:18 5,084 ----a-w C:\Windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\jalaan.com\jalaan.com\Data.dat
- 2008-09-08 03:58:10 3,360 ----a-w C:\Windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\zyzoom1.com\zyzoom1.com\Data.dat
+ 2008-09-14 20:34:00 3,360 ----a-w C:\Windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\zyzoom1.com\zyzoom1.com\Data.dat
- 2008-09-14 04:52:58 17,518 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1019644318-797602448-638544047-1003_UserData.bin
+ 2008-09-14 20:56:08 17,518 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1019644318-797602448-638544047-1003_UserData.bin
- 2008-09-14 04:52:57 94,864 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-09-14 20:56:08 94,950 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-09-14 04:52:55 80,314 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-09-14 20:56:06 80,314 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
@="{E4000AC4-5E5F-4956-807A-C5854405D64F}"
[HKEY_CLASSES_ROOT\CLSID\{E4000AC4-5E5F-4956-807A-C5854405D64F}]
12/16/2007 02:07 AM 73728 --------- C:\Users\Hussein\AppData\Local\Sony Corporation\VirtualExpander\VEShellExt.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [08/12/2005 03:30 PM 249856]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [11/02/2006 03:35 PM 125440]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [07/28/2007 03:38 PM 1360304]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [10/18/2007 11:34 AM 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [01/12/2007 08:52 AM 118784]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [01/23/2007 06:39 AM 321656]
"E-Flyer"="C:\Program Files\Sony\E-Flyer\SubFlyer.exe" [10/17/2006 01:06 AM 456824]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [08/24/2007 07:00 AM 33648]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [11/07/2007 02:35 AM 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [11/07/2007 02:35 AM 8534560]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [11/07/2007 02:35 AM 81920]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM 39792]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [03/24/2008 10:13 PM 185896]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27 AM 144784]
"MSConfig"="C:\Windows\system32\msconfig.exe" [11/02/2006 12:45 PM 222208]
"FortKnoxPersonalFirewall"="C:\Program Files\NETGATE\FortKnox Personal Firewall 2008\FortKnoxGUI.exe" [BU]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [07/29/2008 08:20 PM 206088]
"NeroCheck"="C:\Windows\system32\NeroCheck.exe" [07/09/2001 11:50 AM 155648]
"NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe" [07/09/2001 11:50 AM 155648]

C:\Users\Hussein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
VirtualExpander.lnk - C:\Users\Hussein\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe [2007-12-16 474808]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-17 113664]
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-02-03 2756608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DfLogon]
LogonDll.dll [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
02/14/2007 01:19 AM 98304 C:\Windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll
"VIDC.ACDV"= ACDV.dll
"VIDC.YV12"= yv12vfw.dll
"msacm.ac3filter"= ac3filter.acm

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
backup=C:\Windows\pss\PalTalk.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Hussein^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Audio Filter.lnk]
path=C:\Users\Hussein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk
backup=C:\Windows\pss\Audio Filter.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{473E164F-4F50-4B68-8F1F-F63316300F87}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{6E385DAD-2460-4130-AE6A-6D66BEE4B051}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{CF503ACA-CAA9-4F61-83D8-194EAF86DE52}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{8FBDBB95-4290-4E9D-9ECC-E4083E40C931}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{31113270-7145-4E1D-B34E-B05EBCECB6D6}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{60668A1F-7D54-4766-A4F6-8C581B3D9B0B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{F46D6CC2-7A7E-41A4-9ED2-37D99923577E}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{AD029696-274D-4E34-928B-FFEDDC776BF5}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{0BA24197-5875-4C13-A534-944A5D076920}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{B360A40C-BF70-425B-8598-C9B7D51A1847}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{09C7ACA7-6EA0-4380-B28F-43DF41BD7A40}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{4807CB48-9C38-4697-A695-498C5A2BC17E}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{4A41B5E5-4A44-4D16-AC04-9B00C5213906}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{5C1CB8D9-557C-4C8E-87B1-EC5693BEE8E5}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{81D51A66-9FB4-45CC-BAC7-5EBCF6637343}"= UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{99E16F49-7D95-45CE-BD3E-A5C81DDEA47F}"= TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"TCP Query User{515262E9-DC02-4C26-AA4A-68106175AFC7}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\english\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"UDP Query User{7C9A67CB-5C43-4AAE-97A4-A37F9EE4C8B9}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\english\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"TCP Query User{B1C30AA6-5485-45A7-BC27-335654856074}C:\\users\\hussein\\appdata\\local\\temp\\rarsfx0\\hiw\\stinstall.exe"= UDP:C:\users\hussein\appdata\local\temp\rarsfx0\hiw\stinstall.exe:stinstall.exe
"UDP Query User{17573C4D-100B-4639-B948-3E8312EEC17E}C:\\users\\hussein\\appdata\\local\\temp\\rarsfx0\\hiw\\stinstall.exe"= TCP:C:\users\hussein\appdata\local\temp\rarsfx0\hiw\stinstall.exe:stinstall.exe
"TCP Query User{D0FCAF5C-E4BC-48BF-929F-BE58DEE2876A}C:\\program files\\paltalk messenger\\paltalk.exe"= UDP:C:\program files\paltalk messenger\paltalk.exe:PaltalkScene
"UDP Query User{49375F85-DCB0-445B-94CC-2186A0F69A51}C:\\program files\\paltalk messenger\\paltalk.exe"= TCP:C:\program files\paltalk messenger\paltalk.exe:PaltalkScene
"{5B0286BE-93B9-461C-87DB-0C1CD67C29C9}"= Disabled:UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{58992D61-5F8B-44DB-9968-7666EB85357B}"= Disabled:TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"TCP Query User{90269F03-2A82-426A-8364-0E998BAD78D5}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
"UDP Query User{31A51FC2-EBC5-4A19-82FF-F202F455D983}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
"TCP Query User{1D24F816-7B38-4995-A96F-606DF548BED3}C:\\program files\\paltalk messenger\\paltalk.exe"= Disabled:UDP:C:\program files\paltalk messenger\paltalk.exe:PaltalkScene
"UDP Query User{CEBA3E22-3135-4252-807A-F5BE4E8FF204}C:\\program files\\paltalk messenger\\paltalk.exe"= Disabled:TCP:C:\program files\paltalk messenger\paltalk.exe:PaltalkScene
"{68B1B21B-3CEC-4F5D-A6CB-73270E94CA8E}"= UDP:C:\Program Files\DNA\btdna.exe:DNA
"{32C85375-F8CF-4CE7-BEC0-96ADA2BD4E57}"= TCP:C:\Program Files\DNA\btdna.exe:DNA
"{13B4C2FD-B066-4EC1-9406-F00EFCD04F8C}"= Disabled:UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{73683311-F4D4-46A1-B92E-7AEB1FEFC547}"= Disabled:TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{1FB5B521-4677-420F-83AA-74C856A0F46D}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{7F5E15C7-825D-484C-A6D6-207562464838}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{DA3C25AF-DC76-4CDD-99D7-C87976D3260E}C:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:C:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{CB3877A7-0931-4516-9085-2FEB8204AB55}C:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:C:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"TCP Query User{51A048A3-3261-44E4-909B-43620387C3FC}F:\\sthiw\\stinstall.exe"= UDP:F:\sthiw\stinstall.exe:SpeedTouch Setup Wizard
"UDP Query User{B4C21AEC-A5FD-4BA1-B1CB-9528FE004C27}F:\\sthiw\\stinstall.exe"= TCP:F:\sthiw\stinstall.exe:SpeedTouch Setup Wizard

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [01/29/2008 06:29 PM 32784]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [07/09/2008 06:28 PM 20496]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [08/18/2008 10:30 AM 211232]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [02/26/2008 10:08 PM 29183504]
R2 regi;regi;C:\Windows\system32\drivers\regi.sys [04/18/2007 06:09 AM 11032]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\Windows\system32\DRIVERS\klfltdev.sys [03/13/2008 07:02 PM 26640]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [03/15/2007 10:19 PM 74240]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [03/15/2007 10:19 PM 43904]
R3 SonyImgF;Sony Image Conversion Filter Driver;C:\Windows\system32\DRIVERS\SonyImgF.sys [04/05/2007 04:03 AM 31104]
R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [02/08/2007 06:53 AM 807424]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [02/08/2007 06:10 AM 195584]
S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe [01/26/2007 09:41 PM 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe [01/26/2007 09:41 PM 67760]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 3\IcVzMon.exe [01/26/2007 09:41 PM 43184]
S3 TridVid;Trident Analog Video;C:\Windows\system32\DRIVERS\TridVid.sys [06/18/2007 06:52 AM 201216]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [12/25/2007 05:30 AM 306432]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [01/11/2007 02:51 AM 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Collection (HTTP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [01/09/2007 03:06 AM 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [01/17/2007 12:05 AM 1089536]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - G:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\shell\AutoRun\command - H:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f76850d-d284-11dc-9f2f-0013a9c2467b}]
\shell\Autoplay\Command - smss.exe
\shell\AutoRun\command - smss.exe
\shell\Explore\Command - smss.exe
\shell\Open\Command - smss.exe
.
s of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Hussein\AppData\Roaming\Mozilla\Firefox\Profiles\rtupqdbe.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1654009&SearchSource=3&q=
FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


Rootkit scan 2008-09-15 00:01:07
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\Windows\Explorer.exe
-> C:\Program Files\McAfee\SiteAdvisor\saHook.dll
.
Completion time: 09/15/2008 0:02:28
ComboFix-quarantined-files.txt 2008-09-14 21:02:02

Pre-Run: The system cannot find message text for message number 0x2379 in the message file for Application.
Post-Run: 65,567,170,560 bytes free

302 --- E O F --- 2008-09-12 19:48:51

 
توقيع : ^GHOST^
تأييد 0
تقرير الهايجاك

Logfile of HijackThis v1.99.1
Scan saved at 12:03:32 ص, on 15/09/08
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Users\Hussein\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\Explorer.exe
C:\Users\Hussein\Desktop\ادوات الصيانة\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [E-Flyer] "C:\Program Files\Sony\E-Flyer\SubFlyer.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [FortKnoxPersonalFirewall] "C:\Program Files\NETGATE\FortKnox Personal Firewall 2008\FortKnoxGUI.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: VirtualExpander.lnk = Hussein\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Transfer by Image Converter 3 - C:\Program Files\Sony\Image Converter 3\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: DfLogon - LogonDll.dll (file missing)
O20 - Winlogon Notify: klogon - C:\Windows\system32\klogon.dll
O20 - Winlogon Notify: VESWinlogon - C:\Windows\SYSTEM32\VESWinlogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (file missing)
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMon.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: SQL Server (VAIO_VEDB) (MSSQL$VAIO_VEDB) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sVAIO_VEDB (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP (file missing)
O23 - Service: VAIO Media Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe


 
توقيع : ^GHOST^
تأييد 0
القيم التى طلبنا حذفها مازالة موجوده

لابد ان تستخدم اداة الهايجاك كمسؤول لكى يتم الحذف

وهذا مثال

zyzoom-2992f8024f.png
 
تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي




خوذ راحتك على مهلك

اهم شئ التطبيق السليم وتنحل المشكله​
 
تأييد 0
تقرير الهايجاك بعد حذف القيم

Logfile of HijackThis v1.99.1
Scan saved at 12:32:15 ص, on 15/09/08
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\System32\mobsync.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Hussein\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Hussein\Desktop\ادوات الصيانة\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [E-Flyer] "C:\Program Files\Sony\E-Flyer\SubFlyer.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [FortKnoxPersonalFirewall] "C:\Program Files\NETGATE\FortKnox Personal Firewall 2008\FortKnoxGUI.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: VirtualExpander.lnk = Hussein\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Transfer by Image Converter 3 - C:\Program Files\Sony\Image Converter 3\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: klogon - C:\Windows\system32\klogon.dll
O20 - Winlogon Notify: VESWinlogon - C:\Windows\SYSTEM32\VESWinlogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (file missing)
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMon.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: SQL Server (VAIO_VEDB) (MSSQL$VAIO_VEDB) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sVAIO_VEDB (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP (file missing)
O23 - Service: VAIO Media Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)


 
توقيع : ^GHOST^
تأييد 0
احذف التالى

O11 - Options group: [INTERNATIONAL] International*

O4 - HKLM\..\Run: [E-Flyer] "C:\Program Files\Sony\E-Flyer\SubFlyer.exe"

عطنى النتايج​
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى